| [[gke-cluster]] |
| Configuring a Google Kubernetes Engine (GKE) Cluster |
| ==================================================== |
| |
| This guide assumes you've already created a Kubernetes Engine cluster on https://console.cloud.google.com. |
| |
| Make sure you've selected a version of Kubernetes greater than **1.11** when creating the cluster. You can create it in any region. |
| |
| In the list of clusters for the current project, GKE provides a connection string that you need to execute on a shell to configure the `kubectl` command. |
| |
| NOTE: the connection string contains a `--project` flag that indicates your **project ID**. You should keep that information for the last step. |
| |
| After executing the connection string, if everything is installed correctly, you should be able to execute: |
| |
| ``` |
| kubectl get pod |
| ``` |
| |
| When the cluster is first installed, you should find that "no pods are present" in the cluster. You can proceed with the installation then. |
| |
| Before installing Camel K on a fresh GKE cluster, you need to perform some extra steps to give to your account the required cluster-admin permissions. |
| This means executing the following command (**replacing "your-address@gmail.com" with your account email address**): |
| |
| ``` |
| kubectl create clusterrolebinding user-cluster-admin-binding --clusterrole=cluster-admin --user=your-address@gmail.com |
| ``` |
| |
| The command above is needed to make sure your user is able to delegate some permissions to Camel K service accounts. |
| |
| Users of *GKE* are expected to use the `gcr.io` registry to push and pull images. |
| In order to push images to `gcr.io`, you need to provide a valid key to Camel K. |
| The best way to obtain a valid key is from the web console: |
| |
| - Go to https://console.cloud.google.com |
| - Make sure the project where you created the Kubernetes cluster is selected in the drop-down list |
| - To avoid confusion, it's suggested to use the "English" language in preferences of the Google Cloud console |
| - Select "IAM & admin" from the navigation menu, then "Service accounts" |
| - Create a new service account specifying the following id: **"camel-k-builder"** |
| - You'll be asked to select a role. It's important to select the **"Storage Admin" role** from the "Storage" menu |
| - Finish creating the service account |
| - From the action menu of the service account you've created, **create a key** using the JSON format |
| |
| A `.json` file with the key will be downloaded to your machine. You need to store that key in a Kubernetes secret. |
| |
| It's **important** to rename the file you've just downloaded to `kaniko-secret.json` (make sure you write it correctly). |
| After the renaming, execute the following command to create the secret: |
| |
| ``` |
| kubectl create secret generic kaniko-secret --from-file=kaniko-secret.json |
| ``` |
| |
| You're ready to install Camel K. You should now execute the following command to install cluster resources and the operator (in the current namespace): |
| |
| ``` |
| kamel install --registry gcr.io --organization <<your-project-id>> --push-secret kaniko-secret |
| ``` |
| |
| Use the project id that you've annotated when executing the first connection string. |
| |
| NOTE: the project id is **NOT** the cluster id! |
| |
| You're now ready to play with Camel K! |
